I hadn't, I like the bunker file idea
Discussion
I see several minor issues:
- why encode nsecs as bech32 and not hex?
- bunker npubs should be limited as much as possible (1 key = 1 npub or 1 key per bunker) as it adds additional filtering costs to relays, and therefore be independent from users
- secrets only need to be kept for pairing and should most likely be separate from users
and some other issues
I guess the best way to redesign would be to have a set of keys (with their bunker nsecs), a set of users, secrets for pairing, and already authorized connections (possibly with descriptive names)